Late last week, a federal court judge in New Jersey dismissed a putative class action lawsuit against Horizon Blue Cross for a data breach involving two unencrypted laptops that were lost in 2013. The case alleged that close to 840,000 individuals’ information was breached, including names, addresses, dates of birth, health information and Social Security numbers.
The plaintiffs alleged that Horizon failed to put appropriate security measures in place following a data breach in 2008, and it said it would implement security measures following a government investigation of that breach, which involved 300,000 individuals’ information. However, it failed to implement the measures, which contributed to the data breach in 2013 involving the unencrypted laptops. Nonetheless, the judge dismissed the case because the plaintiffs “have not alleged an ‘economic injury’ sufficient for standing.”